Merge "Use PyCrypto to generate randomness passwords"

cinder/utils.py

@@ -24,13 +24,13 @@ import hashlib
 import inspect
 import os
 import pyclbr
-import random
 import re
 import shutil
 import stat
 import sys
 import tempfile
 
+from Crypto.Random import random
 from eventlet import pools
 from oslo.config import cfg
 import paramiko
@@ -381,26 +381,24 @@ def generate_password(length=20, symbolgroups=DEFAULT_PASSWORD_SYMBOLS):
     Believed to be reasonably secure (with a reasonable password length!)
 
     """
-    r = random.SystemRandom()
-
     # NOTE(jerdfelt): Some password policies require at least one character
     # from each group of symbols, so start off with one random character
     # from each symbol group
-    password = [r.choice(s) for s in symbolgroups]
+    password = [random.choice(s) for s in symbolgroups]
     # If length < len(symbolgroups), the leading characters will only
     # be from the first length groups. Try our best to not be predictable
     # by shuffling and then truncating.
-    r.shuffle(password)
+    random.shuffle(password)
     password = password[:length]
     length -= len(password)
 
     # then fill with random characters from all symbol groups
     symbols = ''.join(symbolgroups)
-    password.extend([r.choice(symbols) for _i in xrange(length)])
+    password.extend([random.choice(symbols) for _i in xrange(length)])
 
     # finally shuffle to ensure first x characters aren't from a
     # predictable group
-    r.shuffle(password)
+    random.shuffle(password)
 
     return ''.join(password)
 

requirements.txt

@@ -14,6 +14,7 @@ oslo.rootwrap
 paramiko>=1.13.0
 Paste
 PasteDeploy>=1.5.0
+pycrypto>=2.6
 python-glanceclient>=0.13.1
 python-keystoneclient>=0.9.0
 python-novaclient>=2.17.0